Trace theory for automatic hierarchical verification of speed-independent circuits

D. Dill
DOI: 10.7551/mitpress/6874.001.0001
Published in: ACM distinguished dissertations, 1989-09-07
Citations: 582

Abstract

A theory of automatic hierarchical verification of speed-independent circuits is developed and implemented. The theory models circuits as trace structures. Trace structures represent the behaviors of circuits as sets of traces, which are sequences of transitions on the circuit's input and output wires. Trace structures form a compositional semantics for circuits: two trace structures can be composed to model connecting the corresponding circuits, and transitions can be hidden to model unobservable internal wires. Trace structures express requirements on the behavior of the environment in addition to describing the behavior of a circuit. It is noted that, for composition to work properly, a trace structure must model all possible actions of the environment. This property, called receptiveness, is precisely characterized. Trace structures can also be used as specifications. If one trace structure can be safely substituted for another in all contexts, the first is an implementation of the second. This relationship can be tested by using a decision procedure based on finding the most demanding environment with which a trace structure can be composed. The use of a single formalism for descriptions and specifications greatly simplifies the theory. More importantly, the resulting verification methodology is naturally hierarchical, because specifications at one level of abstraction can be used as descriptions at higher levels of abstraction. Two distinct theories are proposed: prefix-closed trace structures, which can model and specify safety properties, and complete trace structures, which can also deal with liveness and fairness properties. The theory of prefix-closed trace structures has been implemented in an interactive program which has verified and detected bugs in published circuit designs. Complete trace structures are based on regular languages of infinite sequences. The definitions and results pertaining to complete trace structures are very similar to those for prefix-closed trace structures. It is relatively difficult to define and test receptiveness for complete trace structures. The definition of this property is presented in terms of infinite two-player games. The problem of receptiveness is proved to be decidable, by reduction to Church's solvability problem.
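As an added example (not code from the thesis or from its verifier), the following Python models prefix-closed trace structures as finite automata and runs the decision procedure the abstract describes: the most demanding environment is the mirror of the specification (inputs and outputs swapped), and a design is an implementation of the specification iff composing it with that mirror reaches no failure. The wire names, the buffer specification and the candidate designs are constructed for illustration, and hiding of internal wires is left out.

```python
# Added example, not from the thesis: prefix-closed trace structures as finite
# automata, with Dill's mirror-and-compose test for the implementation relation.
from collections import deque

FAIL = "FAIL"  # absorbing failure state: reaching it is a safety violation

class TraceStructure:
    # trans: state -> {wire: next}. A missing input transition is an unacceptable
    # input (goes to FAIL, which keeps the structure receptive); a missing output
    # transition means the circuit does not produce that output in that state.
    def __init__(self, inputs, outputs, init, trans):
        self.inputs, self.outputs = frozenset(inputs), frozenset(outputs)
        self.init, self.trans = init, trans

    def step(self, state, wire):
        nxt = self.trans.get(state, {}).get(wire)  # None when no transition
        return FAIL if state == FAIL or (nxt is None and wire in self.inputs) else nxt

def mirror(t):  # the most demanding environment: inputs and outputs swapped
    return TraceStructure(t.outputs, t.inputs, t.init, t.trans)

def compose(t1, t2):  # connect like-named wires; explore reachable pairs only
    assert not (t1.outputs & t2.outputs), "two drivers on one wire"
    outputs = t1.outputs | t2.outputs
    inputs = (t1.inputs | t2.inputs) - outputs
    trans, todo = {}, deque([(t1.init, t2.init)])
    while todo:
        s = todo.popleft()
        if s in trans:
            continue
        trans[s] = {}
        for w in inputs | outputs:
            n1 = t1.step(s[0], w) if w in t1.inputs | t1.outputs else s[0]
            n2 = t2.step(s[1], w) if w in t2.inputs | t2.outputs else s[1]
            if n1 is None or n2 is None:  # output not enabled by its driver
                continue
            trans[s][w] = nxt = FAIL if FAIL in (n1, n2) else (n1, n2)
            if nxt != FAIL:
                todo.append(nxt)
    return TraceStructure(inputs, outputs, (t1.init, t2.init), trans)

def conforms(impl, spec):
    # impl can replace spec in every context iff impl || mirror(spec) has no
    # reachable failure; the composite is closed, so failures happen unaided.
    assert impl.inputs == spec.inputs and impl.outputs == spec.outputs
    closed = compose(impl, mirror(spec))
    return all(FAIL not in d.values() for d in closed.trans.values())

# Constructed instances: a buffer spec (after input a, produce b; the environment
# must not send a again before b) and three candidate implementations.
BUFFER = TraceStructure({"a"}, {"b"}, 0, {0: {"a": 1}, 1: {"b": 0}})
TOLERANT = TraceStructure({"a"}, {"b"}, 0, {0: {"a": 1}, 1: {"a": 1, "b": 0}})
EAGER = TraceStructure({"a"}, {"b"}, 0, {0: {"a": 1, "b": 0}, 1: {"b": 0}})
ONESHOT = TraceStructure({"a"}, {"b"}, 0, {0: {"a": 1}, 1: {"b": 2}, 2: {}})
```

TOLERANT conforms because accepting more inputs is always safe, EAGER fails because it may fire b before the environment has sent a, and ONESHOT fails because the environment is allowed to send a second a that it does not accept; composing two buffers in series (a to x, x to b) also exposes the overrun where the first fires x again before the second has produced b.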